22.5 Understanding the Default SoD Approval Policy

Identity Governance uses Separation of duties (SoD) approval policies to control potential SoD violation approvals and govern the approval process for SoD violations. If you set a default SoD approval policy, it applies to any SoD policy with no SoD approval policy assigned. Identity Governance allows you to view which default SoD approval policy is set by selecting Policy > Access Request Policies > Potential SoD Violation Approval. You can also run an Insight Query to view all your SoD policies and the SoD approval policies assigned to them. If default SoD approval policy is not set, then potential SoD violation approval is not required, and SoD Owners, Global Administrators, and Customer Administrators may resolve or approve SoD violations. To set the default SoD approval policy, coordinate with the Global, Customer, or Separation of Duties administrator. For more information about SoD policies and SoD violations, see Creating and Managing Separation of Duties Policies and Managing Separation of Duties Violations.